non-identified TLS communication during installation

Hi,

I installed ZoneAlarm Free Firewall. When I install a security software i like to analyze the communications with a tool like Wireshark (i practice for my future carrier I hope ). I see many communications to zonealarm and zonelarbs server in http. And i see a communication in https to cm1.zonealarm.com.

I'd like to know what information are transmitted under those encrypted communication. I know with Whois that the server belong to CheckPoint but nothing else. Does anybody see that before?

Re: non-identified TLS communication during installation

Sorry all users here and ZAfree have no ZA official support. So, I am afraid we do not have this information. I could guess is the registration server (?). It could the defenseNet server (?). The NSA server (?)

Sorry we don't know here. The principle is: if you start to doubt about your security tool then better to move on. Plenty of free solutions out there. Best to focus on how to improve your security from external threats rather than querstioning your own tools.

Re: non-identified TLS communication during installation

Originally Posted by fax

The NSA server (?)

Yeah i read an article about Zonalarm which phones home (and perhaps act as an NSA spy ! it happened in 2006 right?

I think it's still the same thing regarding the communications to zonealarm/zonelabs servers. Most of them arre not encrypted (just url-encoded or base64 encoded) but sometimes i can see encrypted communications to these servers (et1.zonealarm.com, pa2.zonelabs.com, ps2.zonelabs.com, pa1.zonealarm.com, etc.).

Re: non-identified TLS communication during installation

Again, the principle is either you trust the security tools you use (and a firewall is your first line of defense) or you just pass and move on. Its really not worth spending time on it, its best to spend time how to improve your security from external threats than questioning your own security tools. You will just end up with increasing paranoia of call home, NSA or the salvation army without any useful result.

ZA relays heavily on cloud services as many security products out there. This for for various purposes, including, registration,products updates, componemts update, application safety, DefenseNet, antivirus updates (if you running the AVfree version). This is normal and by design. This is done for your security and to minimise user interaction.

Unless there are other ZA product related issue I will soon close this thread as we can't really address your concern here. This is a ZA user to user support on common ZA common product related issues.